CN1124719C - Parameterized hash functions for access control - Google Patents

Parameterized hash functions for access control

Info

Publication number: CN1124719C
Authority: CN (China)
Prior art keywords: key, unit, executable program, signature, encryption
Application number: CN 96196499
Other languages: Chinese (zh)
Other versions: CN1194072A (en)
Inventors: D·W·奥古史密斯, R·C·劳尔哈瑟
Original assignee: 英特尔公司 (Intel)
Priority: US08/519,307 (US5757915A)
Application filed by 英特尔公司 (Intel); published as CN1194072A; granted and published as CN1124719C.

Classifications

    • G PHYSICS > G06 COMPUTING; CALCULATING; COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/60 Protecting data > G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G PHYSICS > G06 COMPUTING; CALCULATING; COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems > G06F21/51 Monitoring at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • G PHYSICS > G06 COMPUTING; CALCULATING; COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F2211/00 Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00 > G06F2211/007 Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress

Abstract

A method and apparatus for access control in a computer system are disclosed. A storage unit receives a data block having an encrypted executable image and a signature component. A separation unit coupled to the storage unit separates the signature component from the encrypted executable image. A decryption unit coupled to the separation unit uses the signature component as a key to decrypt the encrypted executable image, yielding a decrypted executable program. An identification unit coupled to the decryption unit locates an identification mark in the decrypted executable program and identifies the combination key assigned to that mark. A signature generation unit coupled to the identification unit uses the combination key as the key of a keyed cryptographic hash algorithm performed on the decrypted executable program. A verification unit coupled to the signature generation unit compares the signature component with the computed keyed hash value to verify the source of the data block and determine whether it has been modified. If the signature matches the keyed hash value, a rights assignment unit coupled to the verification unit assigns the decrypted executable program an appropriate access right, allowing it to be executed by the computer system.

Description

Parameterized hash functions for access control

The present invention relates to access control in computer systems. More particularly, it relates to an apparatus and method for identifying the source of an executable image and using that identification to determine the level of access rights with which execution is permitted.

Security breaches of a computer system can be classified as intentional or accidental. Unauthorized reading of data, unauthorized modification of data and unauthorized destruction of data fall into the intentional category. Most operating systems provide a means for a process to spawn other processes. In such an environment, abuse of operating-system resources and user files can arise; worms and viruses are two common methods of abuse. The protection of a computer system depends on its ability to identify the source of the programs it is about to execute and to verify that those programs have not been modified in a way that could pose a security threat to the system.

Besides verifying the authenticity of a program's source, it is also necessary to ensure that files, memory segments, the CPU and the other resources of the computer system are used only by processes that have obtained the appropriate authorization from the operating system. There are several reasons for providing this protection. The most obvious is the need to prevent mischievous, intentional violation of access restrictions. Of more general importance is the need to ensure that every active program component in a system uses system resources in a manner consistent with the stated policies for the use of those resources. Protection can also improve reliability by detecting latent errors at the interfaces between component subsystems; early detection of interface errors can prevent a healthy subsystem from being contaminated by another, malfunctioning subsystem.

A process normally runs within a protection domain. The domain specifies the resources the process may access. Each domain defines a set of objects and the types of operation that may be invoked on each object. The ability to perform an operation on an object is an access right. A domain is a collection of access rights, each of which is normally an ordered pair <object name, rights set>. For example, if domain D has the access right <file F, {read, write}>, then a process executing in domain D can both read and write file F, but it should not be allowed to perform any other operation on that object. Domains may be disjoint or they may share access rights. The association between a process and a domain may be either static or dynamic. It is therefore important to limit the protection domains available to each process.

What is needed, therefore, is an apparatus and method for providing an unforgeable signature of an executable image which can be used to identify the source of the executable image regardless of any modification to the executable image, and to determine the level of access rights, or degree of trust, that the operating system grants the executable image.

According to a first aspect of the present invention, there is provided a method of generating an encoded executable image, comprising the steps of: performing a keyed cryptographic hash function on an executable program using a first key having an associated set of access rights assigned to the executable program, to generate a signature component; and performing an encryption algorithm on the executable program using the signature component as a second key.

According to another aspect of the invention, there is provided an access controller comprising: a separation unit which separates a signature component from an encrypted executable image in a data block, the signature component having been derived by performing a keyed cryptographic hash function on a first executable program; a decryption unit coupled to the separation unit, which uses the signature component to decrypt the encrypted executable image into a second executable program; a signature generation unit coupled to the decryption unit, which uses a key to compute a keyed cryptographic hash value of the second executable program; and a verification unit coupled to the signature generation unit, which compares the keyed hash value with the signature component.

According to another aspect of the invention, there is provided a computer system comprising: a bus; a memory coupled to the bus; a separation unit which separates a signature component from an encrypted executable image in a data block; a decryption unit coupled to the separation unit, which uses the signature component to decrypt the encrypted executable image into an executable program; a signature generation unit coupled to the decryption unit, which uses a key to compute a keyed cryptographic hash value of the executable program; and a verification unit coupled to the signature generation unit, which compares the keyed hash value with the signature component.

According to another aspect of the invention, there is provided a computer system comprising: a bus; a memory coupled to the bus; a processor coupled to the bus; and an encoder able to generate a signature component using a first key having an associated set of access rights assigned to an executable program, and able to encrypt the executable program using the signature component as a second key.

According to another aspect of the invention, there is provided a method of generating an encoded executable image, comprising: generating a signature component using a first key having an associated set of access rights assigned to an executable program; and encrypting the executable program using the signature component as a second key.

According to another aspect of the invention, there is provided an access control method comprising: decrypting an executable image into an executable program using a signature component; computing a keyed cryptographic hash value of the executable program using a key; and comparing the signature component with the keyed hash value.

According to another aspect of the invention, there is provided an apparatus for encoding an executable program, comprising: a signature generation unit which generates a signature component using a first key having an associated set of access rights assigned to the digital information of the executable program; and a first encryption unit coupled to the signature generation unit, which encrypts the digital information sequence of the executable program using the signature component as a second key.

According to another aspect of the invention, there is provided a decoder comprising a decryption unit for decrypting an encrypted executable program using a signature component, the signature component having been generated with a key to which a set of access rights was previously assigned; and circuitry for assigning those access rights to the decrypted executable program.

The present invention discloses a method and apparatus for access control in a computer system. One embodiment of the access controller includes a storage unit. The storage unit stores a data block having a signature component and an encrypted executable image. A separation unit is coupled to the storage unit. The separation unit receives the data block and separates the signature component from the encrypted executable image. A decryption unit is coupled to the separation unit. The decryption unit receives the encrypted executable image and decrypts it into an executable program. This may be accomplished by running a decryption algorithm that uses the signature component as its key. An identification unit is coupled to the decryption unit. The identification unit receives the executable program and identifies the key assigned to an identification mark within the executable program, which is to be used to compute a keyed hash value of the executable program. A signature generation unit is coupled to the decryption unit. The signature generation unit receives the executable program and computes a keyed hash value of it using a stored key identified by the identification unit. A verification unit is coupled to the hash unit. The verification unit compares the keyed hash value with the signature component to verify the source of the data block and confirm that the data block has not been modified. A rights assignment unit is coupled to the hash unit. The rights assignment unit receives the key that was used to compute the keyed hash value of the executable program and assigns rights to the executable program according to the rights associated with that key.

A second embodiment of the present invention discloses an access control method within a computer system. First, a data block having a signature component and an encrypted executable image is received. After the data block is received, the signature component is separated from the encrypted executable image. The executable image is then decrypted by executing a decryption algorithm that uses the signature component as its key. A combination key corresponding to an identification mark in the executable program is identified. That combination key is used to compute a keyed hash value of the executable program. After the keyed hash value has been computed, it is compared with the signature component to verify the source of the data block. Rights are then assigned to the executable program according to the rights pre-assigned to the key.

The present invention will be understood more fully from the detailed description given below and from the accompanying drawings of the various features and elements embodied in the invention. The description and drawings do not limit the invention to the particular embodiments; they are provided only for explanation and understanding.

Figure 1 shows an embodiment of an access controller implemented in a computer system.

Figure 2 is a block diagram of an embodiment of an encoding unit of the present invention.

Figure 3 shows how a message is encoded using the encoding unit of the present invention.

Figure 4 is a block diagram of a second embodiment of an access controller of the present invention.

Figure 5 is a block diagram of a third embodiment of the video processing system of the present invention.

Figure 6 is a flow chart illustrating an encoding method.

Figure 7 is a flow chart illustrating a method for access control in a computer system.

The present invention describes a novel access controller unit. In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the present invention. Those skilled in the art will understand, however, that the invention may be practiced without these specific details. In other instances, well-known methods, procedures, components and circuits have not been described in detail so as not to obscure the present invention.

Some portions of the detailed description that follows are presented in terms of algorithms and symbolic representations of operations on data bits within a computer memory. These algorithmic descriptions and representations are the means used by those skilled in the data processing arts to convey the substance of their work most effectively to others skilled in the art. An algorithm is here conceived to be a self-consistent sequence of steps leading to a desired result. The steps are those requiring physical manipulation of physical quantities. Usually, though not necessarily, these quantities take the form of electrical or magnetic signals capable of being stored, transferred, combined, compared and otherwise manipulated. It has proven convenient at times, principally for reasons of common usage, to refer to these signals as bits, values, elements, symbols, characters, terms, numbers or the like. It should be borne in mind, however, that all of these and similar terms are associated with the appropriate physical quantities and are merely convenient labels applied to those quantities.
Unless specifically stated otherwise, as is apparent from the following discussion, throughout the present invention discussions using terms such as "processing", "computing", "calculating", "determining" or "displaying" refer to the actions and processes of a computer system or similar electronic computing device that manipulates and transforms data represented as physical (electronic) quantities within the computer system's registers and memories into other data similarly represented as physical quantities within the computer system's memories or registers or other such information storage, transmission or display devices.

Figure 1 shows, in block diagram form, a computer system according to one embodiment of the present invention. The computer system comprises bus 100, keyboard interface 101, external memory 102, mass storage device 103, processor 104 and display device controller 105. Bus 100 is coupled to display device controller 105, keyboard interface 101, microprocessor 104, memory 102 and mass storage device 103. Display device controller 105 may be coupled to a display device. Keyboard interface 101 may be coupled to a keyboard.

Bus 100 may be a single bus or a combination of multiple buses. As an example, bus 100 may comprise an Industry Standard Architecture (ISA) bus, an Extended Industry Standard Architecture (EISA) bus, a system bus, an X bus, a PS/2 bus, a Peripheral Component Interconnect (PCI) bus, a Personal Computer Memory Card International Association (PCMCIA) bus or another bus. Bus 100 may also comprise any combination of these buses. Bus 100 provides communication links between the components of the computer system. Keyboard interface 101 may be a keyboard controller or another keyboard interface. Keyboard interface 101 may be a dedicated device or may reside in another device such as a bus controller or other controller. Keyboard interface 101 allows a keyboard to be coupled to the computer system and transmits signals from the keyboard to the computer system. External memory 102 may comprise a dynamic random access memory (DRAM) device, a static random access memory (SRAM) device or another memory device. External memory 102 stores information and data from mass storage device 103 and processor 104 for use by processor 104. Mass storage device 103 may be a hard disk drive, a floppy disk drive, a CD-ROM device, a flash memory device or another mass storage device. Mass storage device 103 provides information and data to external memory 102.

Processor 104 processes information and data from external memory 102 and stores information and data in external memory 102. Processor 104 also receives signals from keyboard controller 101 and transmits information and data to display device controller 105 for display on the display device. Processor 104 also transmits video images to the display controller for display on the display device. Processor 104 may be a complex instruction set computing (CISC) microprocessor, a reduced instruction set computing (RISC) microprocessor, a very long instruction word (VLIW) microprocessor or another processor device. Display device controller 105 allows a display device to be coupled to the computer system and acts as an interface between the display device and the computer system. Display device controller 105 may be a monochrome display adapter (MDA) card, a color graphics adapter (CGA) card, an enhanced graphics adapter (EGA) card, a multi-color graphics array (MCGA) card, a video graphics array (VGA) card, an extended graphics array (XGA) card or another display device controller. The display device may be a television set, a computer monitor, a flat panel display or another display device. The display device receives information and data from processor 104 through display device controller 105 and displays them to the user of the computer system.

The computer system further comprises access controller unit 106. Access controller unit 106 is coupled to bus 100. A set of keys associated with access rights within the computer system is stored in access controller unit 106. Each key defines a domain in which a program operates. These keys also define one or more combination keys, which serve as the parameters of the cryptographic hash function that produces a program's signature. The program signature is further used as an encryption key to encrypt the executable program.

Access controller unit 106 receives, from mass storage device 103 or from another I/O device coupled to bus 100, a process to be run by processor 104. The process comprises an encrypted executable image and a signature component. Before the computer system executes a program, access controller unit 106 verifies whether the program's signature was legitimately constructed from a known combination key. By verifying the signature component of the process, access controller unit 106 identifies the source of the process, verifies that the process has not been modified in a way that threatens the computer system, and determines the level of access to the operating system to grant the process. Access controller unit 106 then allows the executable program to execute with the rights assigned to the keys used in deriving the combination key.

Figure 2 is a block diagram of an embodiment of a file encoding unit of the present invention. File encoding unit 210 comprises signature generator 221 and encryption unit 230. Signature generator 221 operates to produce a signature of an executable program that is to be executed by processor 104. Encryption unit 230 uses that signature as a key to encrypt the file containing the executable program. Signature generator 221 performs a keyed cryptographic hash function on the plaintext of the executable program, producing ciphertext. Signature generator 221 uses a combination key composed of keys stored in access controller unit 106. Each combination key used in the cryptographic hash function is associated with a set of access rights. These rights are assigned to the executable program before execution.

Signature generator 221 comprises computation unit 222 and encryption unit 223. Signature generator 221 may use computation unit 222 and encryption unit 223 to perform any number of keyed cryptographic hash functions or encryption algorithms on the plaintext of the executable program. The keys may be either private symmetric keys or public asymmetric keys; the difference lies in the degree of protection the operating system must give its copy of the key. Signature generator 221 may use common algorithms such as Lucifer, Madryga, NewDES, FEAL, REDOC, LOKI, Khufu, Khafre or IDEA to generate a keyed hash value for the executable program. In one embodiment of the present invention, computation unit 222 and encryption unit 223 use the Data Encryption Standard (DES) in cipher block chaining (CBC) mode to generate a keyed hash value for the executable program.

Figure 3 shows the steps taken when computation unit 222 and encryption unit 223 use CBC to generate a keyed hash value for an executable program. Chaining uses a feedback mechanism: the result of encrypting the previous block is fed back into the encryption of the current block. In other words, the previous block is used to modify the encryption of the next block. Each ciphertext block therefore depends not only on the plaintext block that produced it but also on the preceding plaintext blocks. In CBC, each plaintext block is XORed with the previous ciphertext block before being encrypted.

In this example, encoding unit 210 receives a file containing a 24-byte executable program. Signature generator 221 divides the 24-byte file into three 8-byte parts. The first 8 bytes of plaintext are denoted P1. P1 is XORed with an initialization vector (IV) stored in computation unit 222, producing a first product. The initialization vector is a function of a first combination key associated with the set of access rights to be assigned to the executable program. After P1 has been XORed with the IV, encryption unit 223 performs a keyed encryption algorithm on the first product using a second combination key, producing an encrypted first product C1. The keyed encryption algorithm may be any of a variety of keyed encryption algorithms, including any of those listed above. Computation unit 222 XORs the second 8-byte part, denoted P2, with the encrypted first product, producing a second 8-byte product. Encryption unit 223 performs a keyed encryption algorithm on the second product using the second combination key, producing an encrypted second product C2. Computation unit 222 XORs the encrypted second product with the third 8-byte part, producing a third 8-byte product. Encryption unit 223 performs a keyed encryption algorithm on the third product using the second combination key, producing a third encrypted product C3, which serves as the signature of the executable program.

Signature generation unit 221 thus produces a signature of the executable program that is a function of every character in the file. Consequently, if the executable program is modified, the modification can be detected by recomputing the keyed hash value and comparing the recomputed value with the original signature.

Encryption unit 230 encrypts the executable program by performing an encryption algorithm that uses, as its key, the signature produced by the keyed hash algorithm. This produces an encrypted executable image. Encrypting the executable program provides an additional level of protection, preventing unauthorized third parties from reading the executable program. Encryption unit 230 may use a variety of encryption algorithms. The encrypted executable image and the signature are sent together as a file to a computer system for execution.

FIG. 4 is a block diagram of a second embodiment of an access controller of the present invention. Access control unit 400 comprises storage unit 410, separation unit 420, decryption unit 430, identification unit 440, signature generation unit 450, verification unit 460 and rights assignment unit 470.

Storage unit 410 receives a data block comprising an encrypted executable image and a signature component. Storage unit 410 may comprise a DRAM device, an SRAM device or another storage device. Storage unit 410 uses a pointer to indicate to the computer system whether the stored file is an executable image or an executable program. When the stored file is an executable image, the pointer indicates to the computer system that storage unit 410 is being used as temporary storage. When the stored file is an executable program, the pointer indicates to the computer system that storage unit 410 is being used as executable space.

Separation unit 420 is coupled to storage unit 410. Separation unit 420 receives the data block from storage unit 410 and separates the encrypted executable image from the signature component. This allows access control unit 400 to process the encrypted executable image and the signature component separately.

Decryption unit 430 is coupled to separation unit 420 and storage unit 410. Decryption unit 430 receives the encrypted executable image and the signature component, in ciphertext form, from separation unit 420. Decryption unit 430 decrypts the encrypted executable image using the signature component as the decryption key, transforming the encrypted executable image into a decrypted executable program.

Identification unit 440 is coupled to decryption unit 430 and storage unit 410. Identification unit 440 receives the executable program from decryption unit 430. Identification unit 440 reads an identification mark in the executable program and obtains the identity of the corresponding combination key assigned to that identification mark. This combination key is normally the same key that signature generation unit 221 used to generate the keyed hash value of the executable program. In one embodiment of the present invention, identification processor 440 comprises a look-up table that matches various identification marks to various combination keys. The combination key is associated with the particular access rights granted to the executable program.

Signature generation unit 450 is coupled to identification unit 440 and storage unit 410. Signature generation unit 450 receives the identity of the combination key assigned to the identification mark of the executable program. Signature generation unit 450 uses the identity of the combination key received from identification unit 440 to compute a keyed hash value of the decrypted executable program received from identification unit 440. Signature generation unit 450 stores a plurality of keys, each of which is assigned particular access rights on the computer system. From these keys a plurality of combination keys are derived, which are used to encode and decode executable programs and decrypted executable programs.

Verification unit 460 is coupled to signature generation unit 450 and storage unit 410. Comparison unit 460 receives the signature component of the executable image from storage unit 410 and the keyed hash value of the decrypted executable program from signature generation unit 450. Verification unit 460 compares the keyed hash value of the decrypted executable program with the signature component of the executable image. If the two are identical, verification unit 460 allows the decrypted executable program to be executed by the computer system. If the two differ, verification unit 460 recognizes that the executable image has been modified and should not be executed by the computer system.

In one embodiment of the present invention, signature generation unit 450 does not receive the identity of a combination key to use in computing the keyed hash function of the decrypted executable program. Instead, signature generation unit 450 computes several keyed hash values of the decrypted executable program using combination keys derived by rearranging the keys stored in signature generation unit 450. These keyed hash values are received by verification unit 460, which determines whether any of them matches the original signature component. As before, if there is a match between the signature component of the executable image and any of the computed keyed hash values of the decrypted executable program, verification unit 460 allows the decrypted executable program to be executed by the computer system. If there is no match, verification unit 460 recognizes that the executable image has been modified and should not be executed by the computer system.

Rights assignment unit 470 is coupled to verification unit 460 and storage unit 410. Rights assignment unit 470 receives the identity of the combination key that was used to compute the keyed hash value matching the signature component of the executable image. When rights assignment unit 470 receives a signal from verification unit 460 indicating that the decrypted executable program is to be executed by the computer system, rights assignment unit 470 assigns the available rights to the program; it does so by identifying the rights associated with the particular combination key used to compute the matching keyed hash value. In one embodiment of the present invention, rights assignment unit 470 may comprise a look-up table that matches various combination keys to various levels of access rights. After rights assignment unit 470 has assigned the appropriate rights to the decrypted executable program, rights assignment unit 470 moves the pointer in storage unit 410 to indicate to the computer system that storage unit 410 is being used as executable space. The computer system then recognizes that storage unit 410 contains an executable program and begins executing it.

FIG. 5 is a block diagram of a typical computer system according to a fourth embodiment of the present invention. The computer system comprises bus 500, microprocessor 510, memory 520, data storage device 530, keyboard controller 540 and display device controller 550.

Microprocessor 510 may be a complex instruction set computing (CISC) microprocessor, a reduced instruction set computing (RISC) microprocessor or another processor device. The microprocessor executes instructions or code stored in memory 520 and performs operations on data stored in memory 520. Computer system 500 further comprises a data storage device 530, such as a hard disk, floppy disk or optical disk drive, coupled to bus 515. Display device controller 550 is also coupled to bus 515. Display device controller 550 allows a display device to be connected to the computer system. Keyboard controller 540 allows a keyboard to be connected to the computer system and transmits signals from the keyboard to the computer system.

Memory 520 is coupled to microprocessor 510 via bus 500. Memory 520 may be dynamic random access memory (DRAM), static random access memory (SRAM) or another memory device. Memory 520 may store instructions or code executed by processor 510, which may be part of application programs, operating system programs or other computer programs. Memory 520 comprises storage module 521, separation module 522, decryption module 523, identification module 524, signature generation module 525, verification module 526 and rights assignment module 527. Storage module 521 comprises a first plurality of processor-executable instructions executed by processor 510 in the manner shown in FIG. 7. Storage module 521 performs functions similar to those performed by storage unit 410 of FIG. 4. Separation module 522 comprises a second plurality of processor-executable instructions executed by processor 510 in the manner shown in FIG. 7. Separation module 522 performs functions similar to those performed by separation unit 420 of FIG. 4. Decryption module 523 comprises a third plurality of processor-executable instructions executed by processor 510 in the manner shown in FIG. 7. Decryption module 523 performs functions similar to those performed by decryption unit 430 of FIG. 4. Identification module 524 comprises a fourth plurality of processor-executable instructions executed by processor 510 in the manner shown in FIG. 7.
Identification module 524 performs functions similar to those performed by identification unit 440 of FIG. 4. Signature generation module 525 comprises a fifth plurality of processor-executable instructions executed by processor 510 in the manner shown in FIG. 7. Signature generation module 525 performs functions similar to those performed by signature generation unit 450 of FIG. 4. Verification module 526 comprises a sixth plurality of processor-executable instructions executed by processor 510 in the manner shown in FIG. 7. Verification module 526 performs functions similar to those performed by verification unit 460 of FIG. 4. Rights assignment module 527 comprises a seventh plurality of processor-executable instructions executed by processor 510 in the manner shown in FIG. 7. Rights assignment module 527 performs functions similar to those performed by rights assignment unit 470 of FIG. 4.

FIG. 6 is a flowchart of a method of encoding an executable program to be executed by a computer system. First, an executable program is received, as shown in block 601. Next, as shown in block 602, a combination key defining the rights to be assigned to the executable program is received. A keyed hash algorithm is performed on the executable program. The combination key may be either a private symmetric key or a public asymmetric key. This produces a keyed hash value that serves as a signature or fingerprint of the executable program. This is shown in block 603.

Next, the executable program is encrypted using the keyed hash value as the key. This produces an executable image, as shown in block 604. After the executable program has been encrypted into an executable image, the executable image and the signature component are both sent to a computer system for processing and execution. This is shown in block 605.

FIG. 7 is a flowchart of a method of access control in a computer system. First, as shown in block 701, a data block having a signature component and an executable image is received. The signature component is separated from the executable image, as shown in block 702. The executable image is decrypted using the signature component as the key, producing a decrypted executable program, as shown in block 703.

Next, as shown in block 704, an identification mark is located in the decrypted executable program. A combination key associated with the identification mark is identified, as shown in block 705. In block 706, a keyed hash value of the decrypted executable program is computed using the combination key associated with the identification mark. The source of the data block is then verified, and whether the data block has been modified is determined, by comparing the signature component in the data block with the computed keyed hash value of the decrypted executable program, as shown in diamond 707. If the signature component in the data block does not match the computed keyed hash value, the decrypted executable program is not executed, as shown in block 708. If the signature component in the data block matches the computed keyed hash value, the decrypted executable program is assigned the appropriate rights as determined by the combination key, as shown in block 709. Finally, as shown in block 710, the decrypted executable program is executed.
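The chained-DES walk-through of FIG. 2 (the 24-byte example), the access controller of FIG. 4 and the flowcharts of FIGS. 6 and 7 carried through end to end in Go, as an added example; this is not the patent's own code. DES in cipher block chaining is used because claim 2 names it, and Go's standard library crypto/des provides it. Everything else is this example's assumption: the IV is the first combination key itself (the page only says the IV is a function of it), the identification mark is the first byte of the program, a two-entry key table with constructed key bytes and rights labels stands in for the look-up tables of units 440 and 470, PKCS#7-style padding makes arbitrary lengths fit 8-byte blocks, and the confidentiality step uses a zero IV.

```go
package main

import (
	"bytes"
	"crypto/cipher"
	"crypto/des"
	"crypto/subtle"
	"errors"
	"fmt"
)

const blockSize = des.BlockSize // 8-byte blocks, as in the page's 24-byte walk-through

// comboKey pairs the two "combination keys" with the access rights they grant; the
// key bytes, rights labels and one-byte identification mark are constructed here.
type comboKey struct {
	k1, k2 []byte // the IV is derived from k1; k2 is the DES key used in the chain
	rights string
}

// keyTable stands in for the look-up tables of identification unit 440 and rights
// assignment unit 470, indexed by the mark assumed to sit in the program's first byte.
var keyTable = map[byte]comboKey{
	0x01: {k1: []byte("IVSEED01"), k2: []byte("DESKEY01"), rights: "user"},
	0x02: {k1: []byte("IVSEED02"), k2: []byte("DESKEY02"), rights: "admin"},
}
var zeroIV = make([]byte, blockSize) // IV of the confidentiality step (an assumption)

// desBlock wraps des.NewCipher; every key here is 8 bytes by construction, so an error would be a bug.
func desBlock(key []byte) cipher.Block {
	blk, err := des.NewCipher(key)
	if err != nil {
		panic(err)
	}
	return blk
}

// pad8 applies PKCS#7-style padding so any program splits into whole 8-byte blocks.
func pad8(b []byte) []byte {
	n := blockSize - len(b)%blockSize
	return append(append([]byte{}, b...), bytes.Repeat([]byte{byte(n)}, n)...)
}

// keyedHash is the chained DES hash of the description: P1 XOR IV is encrypted under k2,
// each later block is XORed with the previous ciphertext and encrypted, and C_last is the signature.
func keyedHash(k comboKey, padded []byte) []byte {
	blk := desBlock(k.k2)
	prev := append([]byte{}, k.k1...) // IV: "a function of" k1; here k1 itself
	x := make([]byte, blockSize)
	for i := 0; i < len(padded); i += blockSize {
		for j := range x {
			x[j] = padded[i+j] ^ prev[j]
		}
		blk.Encrypt(prev, x) // prev now holds C_i
	}
	return prev
}

// encode is encoding unit 210 / FIG. 6: sign, then DES-CBC encrypt with the signature as key.
func encode(k comboKey, program []byte) []byte {
	padded := pad8(program)
	sig := keyedHash(k, padded)
	image := make([]byte, len(padded))
	cipher.NewCBCEncrypter(desBlock(sig), zeroIV).CryptBlocks(image, padded)
	return append(sig, image...) // the data block: signature component || executable image
}

// accessControl is access control unit 400 / FIG. 7: separate, decrypt, read the mark, recompute
// and compare. With no usable mark every stored key pair is tried, as in the second embodiment.
func accessControl(block []byte) ([]byte, string, error) {
	if len(block) < 2*blockSize || len(block)%blockSize != 0 {
		return nil, "", errors.New("malformed block")
	}
	sig, image := block[:blockSize], block[blockSize:] // separation unit 420
	padded := make([]byte, len(image))
	cipher.NewCBCDecrypter(desBlock(sig), zeroIV).CryptBlocks(padded, image) // decryption unit 430
	_, known := keyTable[padded[0]] // identification unit 440
	for mark, k := range keyTable {
		if known && mark != padded[0] {
			continue
		}
		if subtle.ConstantTimeCompare(keyedHash(k, padded), sig) == 1 { // units 450 and 460
			n := int(padded[len(padded)-1]) // strip the padding; it was covered by the check above
			if n < 1 || n > blockSize {
				return nil, "", errors.New("bad padding")
			}
			return padded[:len(padded)-n], k.rights, nil // rights assignment unit 470
		}
	}
	return nil, "", errors.New("signature mismatch: image modified or key unknown")
}

func main() {
	block := encode(keyTable[0x01], append([]byte{0x01}, "sample executable bytes"...))
	program, rights, err := accessControl(block)
	fmt.Printf("%q rights=%s err=%v\n", program, rights, err)
}
```

Two properties of the scheme are worth noting when reading it as a defender. The signature is carried in the same data block as the image it keys, so the encryption step of unit 230 does not keep the program secret from anyone who holds the block; its value is the integrity and rights binding, not confidentiality. And the chained hash encodes no message length, so as a keyed hash it is only sound for fixed-length inputs such as the 24-byte example; a length field or a modern MAC would be needed for variable-length programs, and DES's 56-bit key is far too short by current standards, which the page's allowance for other cipher algorithms accommodates.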

In the foregoing description, the invention has been described with reference to specific embodiments thereof. It will, however, be evident that various modifications and changes may be made thereto without departing from the spirit and scope of the invention as set forth in the appended claims. The specification and drawings are, accordingly, to be regarded in an illustrative rather than a restrictive sense.

Although many variations or modifications of the invention may occur to those skilled in the art after reading the foregoing description, it is to be understood that the particular embodiments shown and described by way of illustration are in no way intended to limit the invention. Accordingly, references to details of particular embodiments are not intended to limit the scope of the claims, which recite the essential features of the invention.

Claims (21)

1. A method of generating an encoded executable image, comprising the steps of: performing a keyed hash function on an executable program using a first key having a set of associated access rights assigned to the executable program, to generate a signature component; and performing an encryption algorithm on the executable program using the signature component as a second key.
2. The method of claim 1, wherein performing the keyed hash function comprises performing a Data Encryption Standard cipher block chaining algorithm.
3. An access control method, comprising the steps of: separating a signature component from an executable image in a data block; decrypting the executable image into an executable program using the signature component; computing a keyed hash value of the executable program using a key; and verifying the source of the data block by comparing the signature component with the keyed hash value.
4. The method of claim 3, further comprising: finding an identification mark in the executable program, and looking up the key corresponding to the identification mark for performing a keyed hash function on the executable program.
5. The method of claim 3, further comprising the step of assigning rights to the executable program according to the rights associated with the key.
6. An access controller, comprising: a separation unit that separates a signature component from an encrypted executable image in a data block, the signature component being derived by performing a keyed hash function on a first executable program; a decryption unit coupled to the separation unit, which decrypts the encrypted executable image into a second executable program using the signature component; a signature generation unit coupled to the decryption unit, which computes a keyed hash value of the second executable program using a key; and a verification unit coupled to the signature generation unit, which compares the keyed hash value with the signature component.
7. The access controller of claim 6, wherein the signature generation unit further comprises a key storage component for storing the keys used by the signature generation unit.
8. The access controller of claim 6, further comprising an identification unit coupled to the decryption unit, which identifies, in the first executable program, the key assigned to an identification mark, for computing the encrypted hash value of the second executable program.
9. The access controller of claim 6, further comprising a rights assignment unit coupled to the signature generation unit, which assigns rights to the second executable program according to the rights associated with the key.
10. A computer system, comprising: a bus; a memory coupled to the bus; a separation unit that separates a signature component from an encrypted executable image in a data block; a decryption unit coupled to the separation unit, which decrypts the encrypted executable image into an executable program using the signature component; a signature generation unit coupled to the decryption unit, which computes a keyed hash value of the executable program using a key; and a verification unit coupled to the signature generation unit, which compares the keyed hash value with the signature component.
11. A computer system, comprising: a bus; a memory coupled to the bus; a processor coupled to the bus; and an encoder capable of generating a signature component using a first key having a set of associated access rights assigned to an executable program, and capable of encrypting the executable program using the signature component as a second key.
12. The computer system of claim 11, wherein the encoder comprises: a signature generation unit that performs a keyed hash function to generate the signature component; and a first encryption unit coupled to the signature generation unit.
13. The computer system of claim 12, wherein the signature generation unit further comprises a computing unit and a second encryption unit that performs a Data Encryption Standard cipher block chaining algorithm.
14. An apparatus for encoding an executable program, comprising: a signature generation unit that generates a signature component using a first key having a set of associated access rights assigned to the digital information of the executable program; and a first encryption unit coupled to the signature generation unit, which encrypts the sequence of digital information of the executable program using the signature component as a second key.
15. The apparatus of claim 14, wherein the first encryption unit encrypts the executable program using the signature component as the second key.
16. The apparatus of claim 14, wherein the signature generation unit further comprises a computing unit and a second encryption unit that performs a Data Encryption Standard cipher block chaining algorithm.
17. A decoder, comprising: a decryption unit for decrypting an encrypted executable program using a signature component, the signature component having been generated by means of a key to which a set of access rights was previously assigned; and circuitry for assigning the access rights to the decrypted executable program.
18. The decoder of claim 17, wherein the circuitry comprises a rights assignment unit, the rights assignment unit comprising a look-up table that matches the key to the set of access rights.
19. The decoder of claim 18, further comprising: circuitry for computing a keyed hash value of the decrypted executable program.
20. The decoder of claim 19, wherein the circuitry for computing comprises: an identification unit for identifying the key; and a signature generation unit for computing the keyed hash value.
21. The decoder of claim 19, further comprising: a verification circuit for checking whether the keyed hash value is equivalent to the signature component, and for notifying the rights assignment unit when the keyed hash value is equivalent to the signature component.

Priority Applications (1)

Application Number Priority Date Filing Date Title
US08/519,307 US5757915A (en) 1995-08-25 1995-08-25 Parameterized hash functions for access control

Publications (2)

Publication Number Publication Date
CN1194072A CN1194072A (en) 1998-09-23
CN1124719C true CN1124719C (en) 2003-10-15

Family

ID=24067740

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 96196499 CN1124719C (en) 1995-08-25 1996-07-19 Parameterized hash functions for access control

Country Status (11)

Country Link
US (2) US5757915A (en)
EP (1) EP0860064B1 (en)
JP (1) JP4087442B2 (en)
CN (1) CN1124719C (en)
AU (1) AU6501196A (en)
BR (1) BR9610127A (en)
DE (2) DE69635209T2 (en)
HK (1) HK1015987A1 (en)
IL (1) IL123198A (en)
RU (1) RU2142674C1 (en)
WO (1) WO1997007657A2 (en)

US20030196096A1 (en) * 2002-04-12 2003-10-16 Sutton James A. Microcode patch authentication
US6715085B2 (en) * 2002-04-18 2004-03-30 International Business Machines Corporation Initializing, maintaining, updating and recovering secure operation within an integrated system employing a data access control function
US7266842B2 (en) * 2002-04-18 2007-09-04 International Business Machines Corporation Control function implementing selective transparent data authentication within an integrated system
US7089419B2 (en) 2002-04-18 2006-08-08 International Business Machines Corporation Control function with multiple security states for facilitating secure operation of an integrated system
US6851056B2 (en) * 2002-04-18 2005-02-01 International Business Machines Corporation Control function employing a requesting master id and a data address to qualify data access within an integrated system
WO2003096585A1 (en) * 2002-05-06 2003-11-20 Bentley Systems, Inc. Method and system for digital rights management and digital signatures
JP2004013608A (en) * 2002-06-07 2004-01-15 Hitachi Ltd Control for execution and transfer of program
US7243231B2 (en) 2002-07-31 2007-07-10 Intel Corporation Sensory verification of shared data
US7444522B1 (en) * 2002-09-18 2008-10-28 Open Invention Network, Llc Dynamic negotiation of security arrangements between web services
AU2003297193A1 (en) 2002-12-13 2004-07-09 Applied Minds, Inc. Meta-web
US8012025B2 (en) * 2002-12-13 2011-09-06 Applied Minds, Llc Video game controller hub with control input reduction and combination schemes
US8996874B2 (en) * 2003-04-03 2015-03-31 Stmicroelectronics Sa Protection of a program waiting to be executed in a memory used by a microprocessor
US7353397B1 (en) * 2003-04-30 2008-04-01 Adobe Systems Incorporated Repurposing digitally signed information
SG155065A1 (en) * 2003-06-05 2009-09-30 Intertrust Tech Corp Interoperable systems and methods for peer-to-peer service orchestration
US7272228B2 (en) * 2003-06-12 2007-09-18 International Business Machines Corporation System and method for securing code and ensuring proper execution using state-based encryption
US20050033700A1 (en) * 2003-08-04 2005-02-10 Vogler Dean H. Method and apparatus for creating and rendering an advertisement
US8661559B2 (en) * 2003-08-18 2014-02-25 Riverside Research Institute Software control flow watermarking
US20050055312A1 (en) * 2003-08-18 2005-03-10 Wilson Kelce Steven Software control flow watermarking
US7734932B2 (en) * 2003-11-10 2010-06-08 Broadcom Corporation System and method for securing executable code
US7516331B2 (en) * 2003-11-26 2009-04-07 International Business Machines Corporation Tamper-resistant trusted java virtual machine and method of using the same
US20050131918A1 (en) * 2003-12-12 2005-06-16 W. Daniel Hillis Personalized profile for evaluating content
US7844610B2 (en) 2003-12-12 2010-11-30 Google Inc. Delegated authority evaluation system
JP2005346182A (en) * 2004-05-31 2005-12-15 Fujitsu Frontech Ltd Information processor, tamper resistant method, and tamper resistant program
US7461268B2 (en) * 2004-07-15 2008-12-02 International Business Machines Corporation E-fuses for storing security version data
EA200700350A1 (en) * 2004-07-26 2007-08-31 Stochasto ASA Method of protecting computer systems from encrypted and polymorphic viruses
US7712135B2 (en) * 2004-08-05 2010-05-04 Savant Protection, Inc. Pre-emptive anti-virus protection of computing systems
US9313214B2 (en) * 2004-08-06 2016-04-12 Google Technology Holdings LLC Enhanced security using service provider authentication
JP4732508B2 (en) 2005-03-22 2011-07-27 Hewlett-Packard Development Company, L.P. Methods, devices, and data structures for trusted data
US20060236122A1 (en) * 2005-04-15 2006-10-19 Microsoft Corporation Secure boot
US8521752B2 (en) 2005-06-03 2013-08-27 Osr Open Systems Resources, Inc. Systems and methods for arbitrary data transformations
US8984636B2 (en) 2005-07-29 2015-03-17 Bit9, Inc. Content extractor and analysis system
US7895651B2 (en) 2005-07-29 2011-02-22 Bit 9, Inc. Content tracking in a network security system
US8272058B2 (en) 2005-07-29 2012-09-18 Bit 9, Inc. Centralized timed analysis in a network security system
JP4901164B2 (en) * 2005-09-14 2012-03-21 Sony Corporation Information processing apparatus, information recording medium, method, and computer program
US8135958B2 (en) * 2005-11-22 2012-03-13 International Business Machines Corporation Method, system, and apparatus for dynamically validating a data encryption operation
US20070180210A1 (en) * 2006-01-31 2007-08-02 Seagate Technology Llc Storage device for providing flexible protected access for security applications
EP1998269A4 (en) * 2006-02-21 2012-02-29 Nec Corp Program execution control system, execution control method, execution control computer program
US8185576B2 (en) * 2006-03-14 2012-05-22 Altnet, Inc. Filter for a distributed network
US8028166B2 (en) * 2006-04-25 2011-09-27 Seagate Technology Llc Versatile secure and non-secure messaging
US8429724B2 (en) 2006-04-25 2013-04-23 Seagate Technology Llc Versatile access control system
US7539890B2 (en) * 2006-04-25 2009-05-26 Seagate Technology Llc Hybrid computer security clock
US8099629B2 (en) * 2006-07-14 2012-01-17 Marvell World Trade Ltd. System-on-a-chip (SoC) test interface security
US7512748B1 (en) 2006-08-17 2009-03-31 Osr Open Systems Resources, Inc. Managing lock rankings
US8539228B1 (en) * 2006-08-24 2013-09-17 Osr Open Systems Resources, Inc. Managing access to a resource
SG175679A1 (en) 2006-11-13 2011-11-28 Certicom Corp Compressed ecdsa signatures
US8024433B2 (en) * 2007-04-24 2011-09-20 Osr Open Systems Resources, Inc. Managing application resources
US8386608B1 (en) * 2007-08-03 2013-02-26 Alex Rankov Service scripting framework
US7949693B1 (en) 2007-08-23 2011-05-24 Osr Open Systems Resources, Inc. Log-structured host data storage
US20090064134A1 (en) * 2007-08-30 2009-03-05 Citrix Systems, Inc. Systems and methods for creating and executing files
US8667597B2 (en) * 2008-06-25 2014-03-04 Lockheed Martin Corporation Systems, methods, and products for secure code execution
JP2010191665A (en) * 2009-02-18 2010-09-02 Sony Corp Information processor, information processing method and program, and recording medium
EP2486509A4 (en) * 2009-10-09 2016-11-30 Nokia Technologies Oy Platform security
CN102812431A (en) 2010-03-22 2012-12-05 LRDC Systems Co., Ltd. A method of identifying and protecting the integrity of a set of source data
US9772834B2 (en) * 2010-04-27 2017-09-26 Red Hat, Inc. Exportable encoded identifications of networked machines
US8903874B2 (en) 2011-11-03 2014-12-02 Osr Open Systems Resources, Inc. File system directory attribute correction
US8713684B2 (en) 2012-02-24 2014-04-29 Appthority, Inc. Quantifying the risks of applications for mobile devices
US8918881B2 (en) 2012-02-24 2014-12-23 Appthority, Inc. Off-device anti-malware protection for mobile devices
US10402393B2 (en) * 2012-03-02 2019-09-03 Pure Storage, Inc. Slice migration in a dispersed storage network
FR2992083B1 (en) * 2012-06-19 2014-07-04 Alstom Transport Sa Computer, communication assembly comprising such a computer, rail management system comprising such a set, and method for reliability of data in a computer
US8819772B2 (en) * 2012-06-25 2014-08-26 Appthority, Inc. In-line filtering of insecure or unwanted mobile device software components or communications
US8856519B2 (en) 2012-06-30 2014-10-07 International Business Machines Corporation Start method for application cryptographic keystores
US9106411B2 (en) 2012-09-30 2015-08-11 Apple Inc. Secure escrow service
US20140108590A1 (en) * 2012-10-11 2014-04-17 Simon Hunt Efficient shared image deployment
RU2533061C1 (en) * 2013-06-26 2014-11-20 Closed Joint-Stock Company "Research and Production Enterprise "Information Technologies in Business"" System for controlling access to created encrypted files
US20150039872A1 (en) * 2013-08-05 2015-02-05 Caterpillar Inc. Multiple Signed Filesystem Application Packages
US9830329B2 (en) 2014-01-15 2017-11-28 W. Anthony Mason Methods and systems for data storage
US9842062B2 (en) 2015-05-31 2017-12-12 Apple Inc. Backup accessible by subset of related devices
CN108416224B (en) * 2018-02-13 2019-10-15 北京梆梆安全科技有限公司 Data encryption/decryption method and device

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2596177B1 (en) * 1986-03-19 1992-01-17 Infoscript Method and qualitative protection device for digitized data
US5224160A (en) * 1987-02-23 1993-06-29 Siemens Nixdorf Informationssysteme Ag Process for securing and for checking the integrity of the secured programs
US5052040A (en) * 1990-05-25 1991-09-24 Micronyx, Inc. Multiple user stored data cryptographic labeling system and method
US5412717A (en) * 1992-05-15 1995-05-02 Fischer; Addison M. Computer system security method and apparatus having program authorization information data structures
AU683038B2 (en) * 1993-08-10 1997-10-30 Addison M. Fischer A method for operating computers and for processing information among computers
US5412718A (en) * 1993-09-13 1995-05-02 Institute Of Systems Science Method for utilizing medium nonuniformities to minimize unauthorized duplication of digital information
US5343527A (en) * 1993-10-27 1994-08-30 International Business Machines Corporation Hybrid encryption method and system for protecting reusable software components
US5530757A (en) * 1994-06-28 1996-06-25 International Business Machines Corporation Distributed fingerprints for information integrity verification

Also Published As

Publication number Publication date
CN1194072A (en) 1998-09-23
JPH11511576A (en) 1999-10-05
RU2142674C1 (en) 1999-12-10
DE69635209D1 (en) 2006-02-02
EP0860064B1 (en) 2005-09-21
DE69635209T2 (en) 2006-06-22
EP0860064A4 (en) 1999-10-06
WO1997007657A2 (en) 1997-03-06
WO1997007657A3 (en) 1997-04-17
US5940513A (en) 1999-08-17
IL123198A (en) 2001-06-14
US5757915A (en) 1998-05-26
IL123198D0 (en) 1998-09-24
EP0860064A2 (en) 1998-08-26
BR9610127A (en) 1999-10-26
JP4087442B2 (en) 2008-05-21
HK1015987A1 (en) 2006-07-28
AU6501196A (en) 1997-03-19

Similar Documents

Publication Publication Date Title
US5757914A (en) System and method for protecting use of dynamically linked executable modules
US6301660B1 (en) Computer system for protecting a file and a method for protecting a file
DE69534757T2 (en) System and method for secure storage and distribution of data using digital signatures
US6058476A (en) Encryption apparatus for ensuring security in communication between devices
EP2634959B1 (en) Method and Apparatus for Incremental Code Signing
US8838977B2 (en) Watermark extraction and content screening in a networked environment
JP5670578B2 (en) Method and apparatus including architecture for protecting sensitive code and data
US6993648B2 (en) Proving BIOS trust in a TCPA compliant system
US6385727B1 (en) Apparatus for providing a secure processing environment
US7215771B1 (en) Secure disk drive comprising a secure drive key and a drive ID for implementing secure communication over a public network
US7500098B2 (en) Secure mode controlled memory
ES2426256T3 (en) System and procedure for the protection of digital works
DE19827659B4 (en) System and method for storing data and protecting the data against unauthorized access
US7587589B2 (en) Saving and retrieving data based on symmetric key encryption
EP0865695B1 (en) An apparatus and method for cryptographic companion imprinting
KR100891222B1 (en) Secure video system for display adaptor
US7698664B2 (en) Secure exchange of information in electronic design automation
US5949882A (en) Method and apparatus for allowing access to secured computer resources by utilizing a password and an external encryption algorithm
US5935246A (en) Electronic copy protection mechanism using challenge and response to prevent unauthorized execution of software
US6898706B1 (en) License-based cryptographic technique, particularly suited for use in a digital rights management system, for controlling access and use of bore resistant software objects in a client computer
US6438666B2 (en) Method and apparatus for controlling access to confidential data by analyzing property inherent in data
US20030105963A1 (en) Secure printing with authenticated printer key
US7243236B1 (en) Systems and methods for using cryptography to protect secure and insecure computing environments
EP1391801A2 (en) Saving and retrieving data based on public key encryption
JP2814923B2 (en) Transaction Processing Systems

Legal Events

Date Code Title Description
C06 Publication
C10 Entry into substantive examination
C14 Grant of patent or utility model
EXPY Termination of patent right or utility model